Lines Matching +full:data +full:- +full:only
18 .\" Set up some character translations and predefined strings. \*(-- will
24 .tr \(*W-
27 . ds -- \(*W-
29 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
37 . ds -- \|\(em\|
71 .\" Fear. Run. Save yourself. No user-serviceable parts.
81 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
97 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
98 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
99 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
100 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
101 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
102 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
104 . \" troff and (daisy-wheel) nroff accents
123 . ds d- d\h'-1'\(ga
124 . ds D- D\h'-1'\(hy
133 .IX Title "OPENSSL-PKEYUTL 1ossl"
134 .TH OPENSSL-PKEYUTL 1ossl "2023-09-22" "3.0.11" "OpenSSL"
140 openssl\-pkeyutl \- public key algorithm command
144 [\fB\-help\fR]
145 [\fB\-in\fR \fIfile\fR]
146 [\fB\-rawin\fR]
147 [\fB\-digest\fR \fIalgorithm\fR]
148 [\fB\-out\fR \fIfile\fR]
149 [\fB\-sigfile\fR \fIfile\fR]
150 [\fB\-inkey\fR \fIfilename\fR|\fIuri\fR]
151 [\fB\-keyform\fR \fB\s-1DER\s0\fR|\fB\s-1PEM\s0\fR|\fBP12\fR|\fB\s-1ENGINE\s0\fR]
152 [\fB\-passin\fR \fIarg\fR]
153 [\fB\-peerkey\fR \fIfile\fR]
154 [\fB\-peerform\fR \fB\s-1DER\s0\fR|\fB\s-1PEM\s0\fR|\fBP12\fR|\fB\s-1ENGINE\s0\fR]
155 [\fB\-pubin\fR]
156 [\fB\-certin\fR]
157 [\fB\-rev\fR]
158 [\fB\-sign\fR]
159 [\fB\-verify\fR]
160 [\fB\-verifyrecover\fR]
161 [\fB\-encrypt\fR]
162 [\fB\-decrypt\fR]
163 [\fB\-derive\fR]
164 [\fB\-kdf\fR \fIalgorithm\fR]
165 [\fB\-kdflen\fR \fIlength\fR]
166 [\fB\-pkeyopt\fR \fIopt\fR:\fIvalue\fR]
167 [\fB\-pkeyopt_passin\fR \fIopt\fR[:\fIpassarg\fR]]
168 [\fB\-hexdump\fR]
169 [\fB\-asn1parse\fR]
170 [\fB\-engine\fR \fIid\fR]
171 [\fB\-engine_impl\fR]
172 [\fB\-rand\fR \fIfiles\fR]
173 [\fB\-writerand\fR \fIfile\fR]
174 [\fB\-provider\fR \fIname\fR]
175 [\fB\-provider\-path\fR \fIpath\fR]
176 [\fB\-propquery\fR \fIpropq\fR]
177 [\fB\-config\fR \fIconfigfile\fR]
180 This command can be used to perform low-level public key
184 .IP "\fB\-help\fR" 4
185 .IX Item "-help"
187 .IP "\fB\-in\fR \fIfilename\fR" 4
188 .IX Item "-in filename"
189 This specifies the input filename to read data from or standard input
191 .IP "\fB\-rawin\fR" 4
192 .IX Item "-rawin"
193 This indicates that the input data is raw data, which is not hashed by any
195 the \fB\-digest\fR option. This option can only be used with \fB\-sign\fR and
196 \&\fB\-verify\fR and must be used with the Ed25519 and Ed448 algorithms.
197 .IP "\fB\-digest\fR \fIalgorithm\fR" 4
198 .IX Item "-digest algorithm"
199 This specifies the digest algorithm which is used to hash the input data before
203 used. For signature algorithms like \s-1RSA, DSA\s0 and \s-1ECDSA, SHA\-256\s0 will be the
204 default digest algorithm. For \s-1SM2,\s0 it will be \s-1SM3.\s0 If this option is present,
205 then the \fB\-rawin\fR option must be also specified.
206 .IP "\fB\-out\fR \fIfilename\fR" 4
207 .IX Item "-out filename"
210 .IP "\fB\-sigfile\fR \fIfile\fR" 4
211 .IX Item "-sigfile file"
212 Signature file, required for \fB\-verify\fR operations only
213 .IP "\fB\-inkey\fR \fIfilename\fR|\fIuri\fR" 4
214 .IX Item "-inkey filename|uri"
216 .IP "\fB\-keyform\fR \fB\s-1DER\s0\fR|\fB\s-1PEM\s0\fR|\fBP12\fR|\fB\s-1ENGINE\s0\fR" 4
217 .IX Item "-keyform DER|PEM|P12|ENGINE"
219 See \fBopenssl\-format\-options\fR\|(1) for details.
220 .IP "\fB\-passin\fR \fIarg\fR" 4
221 .IX Item "-passin arg"
223 see \fBopenssl\-passphrase\-options\fR\|(1).
224 .IP "\fB\-peerkey\fR \fIfile\fR" 4
225 .IX Item "-peerkey file"
227 .IP "\fB\-peerform\fR \fB\s-1DER\s0\fR|\fB\s-1PEM\s0\fR|\fBP12\fR|\fB\s-1ENGINE\s0\fR" 4
228 .IX Item "-peerform DER|PEM|P12|ENGINE"
230 See \fBopenssl\-format\-options\fR\|(1) for details.
231 .IP "\fB\-pubin\fR" 4
232 .IX Item "-pubin"
234 .IP "\fB\-certin\fR" 4
235 .IX Item "-certin"
237 .IP "\fB\-rev\fR" 4
238 .IX Item "-rev"
241 .IP "\fB\-sign\fR" 4
242 .IX Item "-sign"
243 Sign the input data (which must be a hash) and output the signed result. This
245 .IP "\fB\-verify\fR" 4
246 .IX Item "-verify"
247 Verify the input data (which must be a hash) against the signature file and
249 .IP "\fB\-verifyrecover\fR" 4
250 .IX Item "-verifyrecover"
251 Verify the input data (which must be a hash) and output the recovered data.
252 .IP "\fB\-encrypt\fR" 4
253 .IX Item "-encrypt"
254 Encrypt the input data using a public key.
255 .IP "\fB\-decrypt\fR" 4
256 .IX Item "-decrypt"
257 Decrypt the input data using a private key.
258 .IP "\fB\-derive\fR" 4
259 .IX Item "-derive"
261 .IP "\fB\-kdf\fR \fIalgorithm\fR" 4
262 .IX Item "-kdf algorithm"
264 at present \fB\s-1TLS1\-PRF\s0\fR and \fB\s-1HKDF\s0\fR.
265 Note: additional parameters and the \s-1KDF\s0 output length will normally have to be
269 .IP "\fB\-kdflen\fR \fIlength\fR" 4
270 .IX Item "-kdflen length"
271 Set the output length for \s-1KDF.\s0
272 .IP "\fB\-pkeyopt\fR \fIopt\fR:\fIvalue\fR" 4
273 .IX Item "-pkeyopt opt:value"
274 Public key options specified as opt:value. See \s-1NOTES\s0 below for more details.
275 .IP "\fB\-pkeyopt_passin\fR \fIopt\fR[:\fIpassarg\fR]" 4
276 .IX Item "-pkeyopt_passin opt[:passarg]"
278 If only \fIopt\fR is specified, the user will be prompted to enter a password on
280 supported by \fBopenssl\-passphrase\-options\fR\|(1).
281 .IP "\fB\-hexdump\fR" 4
282 .IX Item "-hexdump"
283 hex dump the output data.
284 .IP "\fB\-asn1parse\fR" 4
285 .IX Item "-asn1parse"
286 Parse the \s-1ASN.1\s0 output data, this is useful when combined with the
287 \&\fB\-verifyrecover\fR option when an \s-1ASN1\s0 structure is signed.
288 .IP "\fB\-engine\fR \fIid\fR" 4
289 .IX Item "-engine id"
292 .IP "\fB\-engine_impl\fR" 4
293 .IX Item "-engine_impl"
294 When used with the \fB\-engine\fR option, it specifies to also use
296 .IP "\fB\-rand\fR \fIfiles\fR, \fB\-writerand\fR \fIfile\fR" 4
297 .IX Item "-rand files, -writerand file"
299 .IP "\fB\-provider\fR \fIname\fR" 4
300 .IX Item "-provider name"
302 .IP "\fB\-provider\-path\fR \fIpath\fR" 4
303 .IX Item "-provider-path path"
304 .IP "\fB\-propquery\fR \fIpropq\fR" 4
305 .IX Item "-propquery propq"
308 .IP "\fB\-config\fR \fIconfigfile\fR" 4
309 .IX Item "-config configfile"
320 hash the input data. It is used (by some algorithms) for sanity-checking the
321 lengths of data passed in and for creating the structures that make up the
322 signature (e.g. \fBDigestInfo\fR in \s-1RSASSA\s0 PKCS#1 v1.5 signatures).
324 This command does not hash the input data (except where \-rawin is used) but
325 rather it will use the data directly as input to the signature algorithm.
327 acceptable lengths of input data differ. The signed data can't be longer than
328 the key modulus with \s-1RSA.\s0 In case of \s-1ECDSA\s0 and \s-1DSA\s0 the data shouldn't be longer
334 bytes long binary encoding of the \s-1SHA\-1\s0 hash function output.
337 The \s-1RSA\s0 algorithm generally supports the encrypt, decrypt, sign,
339 support only a subset of these operations. The following additional
343 This sets the \s-1RSA\s0 padding mode. Acceptable values for \fImode\fR are \fBpkcs1\fR for
345 for \fB\s-1OAEP\s0\fR mode, \fBx931\fR for X9.31 mode and \fBpss\fR for \s-1PSS.\s0
347 In PKCS#1 padding if the message digest is not set then the supplied data is
352 For \fBoaep\fR mode only encryption and decryption is supported.
354 For \fBx931\fR if the digest type is set it is used to format the block data
355 otherwise the first byte is used to specify the X9.31 digest \s-1ID.\s0 Sign,
358 For \fBpss\fR mode only sign and verify are supported and the digest type must be
362 For \fBpss\fR mode only this option specifies the salt length. Three special
366 \&\fB\s-1PSS\s0\fR block structure.
369 For \s-1PSS\s0 and \s-1OAEP\s0 padding sets the \s-1MGF1\s0 digest. If the \s-1MGF1\s0 digest is not
370 explicitly set in \s-1PSS\s0 mode then the signing digest is used.
373 Sets the digest used for the \s-1OAEP\s0 hash function. If not explicitly set then
374 \&\s-1SHA1\s0 is used.
375 .SH "RSA-PSS ALGORITHM"
376 .IX Header "RSA-PSS ALGORITHM"
377 The RSA-PSS algorithm is a restricted version of the \s-1RSA\s0 algorithm which only
378 supports the sign and verify operations with \s-1PSS\s0 padding. The following
379 additional \fB\-pkeyopt\fR values are supported:
382 These have the same meaning as the \fB\s-1RSA\s0\fR algorithm with some additional
383 restrictions. The padding mode can only be set to \fBpss\fR which is the
386 If the key has parameter restrictions than the digest, \s-1MGF1\s0
388 The digest and \s-1MG\s0 cannot be changed and the salt length cannot be set to a
392 The \s-1DSA\s0 algorithm supports signing and verification operations only. Currently
393 there are no additional \fB\-pkeyopt\fR options other than \fBdigest\fR. The \s-1SHA1\s0
397 The \s-1DH\s0 algorithm only supports the derivation operation and no additional
398 \&\fB\-pkeyopt\fR options.
401 The \s-1EC\s0 algorithm supports sign, verify and derive operations. The sign and
402 verify operations use \s-1ECDSA\s0 and derive uses \s-1ECDH. SHA1\s0 is assumed by default for
403 the \fB\-pkeyopt\fR \fBdigest\fR option.
406 The X25519 and X448 algorithms support key derivation only. Currently there are
410 These algorithms only support signing and verifying. OpenSSL only implements the
411 \&\*(L"pure\*(R" variants of these algorithms so raw data can be passed directly to them
412 without hashing them first. The option \fB\-rawin\fR must be used with these
413 algorithms with no \fB\-digest\fR specified. Additionally OpenSSL only supports
421 The \s-1SM2\s0 algorithm supports sign, verify, encrypt and decrypt operations. For
422 the sign and verify operations, \s-1SM2\s0 requires an Distinguishing \s-1ID\s0 string to
423 be passed in. The following \fB\-pkeyopt\fR value is supported:
426 This sets the \s-1ID\s0 string used in \s-1SM2\s0 sign or verify operations. While verifying
427 an \s-1SM2\s0 signature, the \s-1ID\s0 string must be the same one used when signing the data.
431 This sets the \s-1ID\s0 string used in \s-1SM2\s0 sign or verify operations. While verifying
432 an \s-1SM2\s0 signature, the \s-1ID\s0 string must be the same one used when signing the data.
433 Otherwise the verification will fail. The \s-1ID\s0 string provided with this option
437 Sign some data using a private key:
440 \& openssl pkeyutl \-sign \-in file \-inkey key.pem \-out sig
443 Recover the signed data (e.g. if an \s-1RSA\s0 key is used):
446 \& openssl pkeyutl \-verifyrecover \-in sig \-inkey key.pem
449 Verify the signature (e.g. a \s-1DSA\s0 key):
452 \& openssl pkeyutl \-verify \-in file \-sigfile sig \-inkey key.pem
455 Sign data using a message digest value (this is currently only valid for \s-1RSA\s0):
458 \& openssl pkeyutl \-sign \-in file \-inkey key.pem \-out sig \-pkeyopt digest:sha256
464 \& openssl pkeyutl \-derive \-inkey key.pem \-peerkey pubkey.pem \-out secret
467 Hexdump 48 bytes of \s-1TLS1 PRF\s0 using digest \fB\s-1SHA256\s0\fR and shared secret and
471 \& openssl pkeyutl \-kdf TLS1\-PRF \-kdflen 48 \-pkeyopt md:SHA256 \e
472 \& \-pkeyopt hexsecret:ff \-pkeyopt hexseed:ff \-hexdump
478 \& openssl pkeyutl \-kdf scrypt \-kdflen 16 \-pkeyopt_passin pass \e
479 \& \-pkeyopt hexsalt:aabbcc \-pkeyopt N:16384 \-pkeyopt r:8 \-pkeyopt p:1
482 Derive using the same algorithm, but read key from environment variable \s-1MYPASS:\s0
485 \& openssl pkeyutl \-kdf scrypt \-kdflen 16 \-pkeyopt_passin pass:env:MYPASS \e
486 \& \-pkeyopt hexsalt:aabbcc \-pkeyopt N:16384 \-pkeyopt r:8 \-pkeyopt p:1
489 Sign some data using an \s-1\fBSM2\s0\fR\|(7) private key and a specific \s-1ID:\s0
492 \& openssl pkeyutl \-sign \-in file \-inkey sm2.key \-out sig \-rawin \-digest sm3 \e
493 \& \-pkeyopt distid:someid
496 Verify some data using an \s-1\fBSM2\s0\fR\|(7) certificate and a specific \s-1ID:\s0
499 \& openssl pkeyutl \-verify \-certin \-in file \-inkey sm2.cert \-sigfile sig \e
500 \& \-rawin \-digest sm3 \-pkeyopt distid:someid
503 Decrypt some data using a private key with \s-1OAEP\s0 padding using \s-1SHA256:\s0
506 \& openssl pkeyutl \-decrypt \-in file \-inkey key.pem \-out secret \e
507 \& \-pkeyopt rsa_padding_mode:oaep \-pkeyopt rsa_oaep_md:sha256
512 \&\fBopenssl\-genpkey\fR\|(1),
513 \&\fBopenssl\-pkey\fR\|(1),
514 \&\fBopenssl\-rsautl\fR\|(1)
515 \&\fBopenssl\-dgst\fR\|(1),
516 \&\fBopenssl\-rsa\fR\|(1),
517 \&\fBopenssl\-genrsa\fR\|(1),
518 \&\fBopenssl\-kdf\fR\|(1)
523 The \fB\-engine\fR option was deprecated in OpenSSL 3.0.
526 Copyright 2006\-2021 The OpenSSL Project Authors. All Rights Reserved.
530 in the file \s-1LICENSE\s0 in the source distribution or at